LinuxBBQ

Forums
https://linuxbbq.com/bbs/

[irrelevant] openssl (serious bug)

https://linuxbbq.com/bbs/viewtopic.php?f=9&t=2071

Page 1 of 1

[irrelevant] openssl (serious bug)

Posted: Sun May 03, 2015 4:10 pm
by ivanovnegro
It is exciting, the first bug and 270 packages upgraded. :)

If you use curl or related packages the new openssl renders unrelated packages unusable. If you do not mind and even use wget then it is OK, otherwise use the older version of openssl.

https://bugs.debian.org/cgi-bin/bugrepo ... bug=768476

Re: openssl (serious bug)

Posted: Sun May 03, 2015 7:30 pm
by machinebacon
Thanks DD.

Code: Select all

user@grill:~$ policy openssl
openssl:
  Installed: 1.0.2a-1
  Candidate: 1.0.2a-1
  Version table:
 *** 1.0.2a-1 0
        500 http://ftp.cn.debian.org/debian/ unstable/main i386 Packages
        100 /var/lib/dpkg/status

user@grill:~$ policy libssl1.0.0
libssl1.0.0:
  Installed: 1.0.2a-1
  Candidate: 1.0.2a-1
  Version table:
 *** 1.0.2a-1 0
        500 http://ftp.cn.debian.org/debian/ unstable/main i386 Packages
        100 /var/lib/dpkg/status
Interesting, the bug report mentions 1.0.2~beta3-1. I do have experimental enabled, and I'm some versions behind/ahead. Seems they pulled the affected version back, and the bug report is from November last year. The last report on the matter is from April 5, but in the meanwhile curl got an upgrade on April 29. I'd "lean out of the window" and say: safe to upgrade :D

Re: openssl (serious bug)

Posted: Sun May 03, 2015 9:01 pm
by ivanovnegro
You might be right. As for the old bug report, it was because people installed from experimental at that time.

You have already the newest openssl but then I have already the newest libssl1.0.0. I guess we can ignore the bug. I let it open for a while because people whined on the BTS. :)

Re: openssl (serious bug)

Posted: Sun May 03, 2015 9:03 pm
by machinebacon
ssl is anyway for pussies. :)

Re: openssl (serious bug)

Posted: Mon May 04, 2015 5:26 pm
by ivanovnegro
Installed the new version, see no reason why not to upgrade. :P

Re: [irrelevant] openssl (serious bug)

Posted: Mon May 04, 2015 5:34 pm
by machinebacon
Same here, if the openssl package is missing, eg. links https://github.com will print an error and bail out. Installing the so-called 'buggy' openssl package works fine. Thanks for releasing the ban :D
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited